RESOURCE HUB
DONATE
GET HELP

Online Harassment and Anonymity – Europe

The prevalence of online harassment and attacks on journalists is a worrying trend with clear implications for freedom of expression. To exercise their rights and duties, journalists require access to spaces for public debate, where they can share information and opinions without fear of censorship or retaliation. Online abuse, and broader fears for their safety, may lead to self-censorship.

This module explores various forms of online harassment, including doxxing, surveillance, hacking, discriminatory speech, and the non-consensual distribution of intimate or sexual images. It explores legal responses to these in the European context, and then explores some possible steps to protect one’s identity online.

Online Threats & Harassment

It has been widely recognised that the Internet serves as an enabler for the exercise of a wide range of human rights, in particular for freedom of expression and the right to receive information.1

At the same time, while new technical developments have enhanced options for journalists to communicate and engage in their journalistic work, they have also led to of online harassment and abuse, in particular affecting women journalists and other marginalised groups. For more information, read our factsheet on Gender & Online Harassment

While online harassment occurs in many different fora, social media platforms constitute an especially fertile ground for such behaviours.2 For those experiencing online harassment directly, these encounters have profound real-world consequences, ranging from mental or emotional stress to reputational damage or even fear for one’s personal safety.

The ongoing harassment and attacks on members of the media online have become a worrying trend. To exercise their rights to freedom of expression, journalists require access to spaces for public debate, share their ideas and opinions without being censored or in fear of retaliation.3 The fear for their security or when online abuse becomes unbearable may lead to self-censorship and drive them offline or to stop reporting.4

Online harassment describes a wide range of digital attacks, including doxxing, surveillance, threats, the non-consensual distribution of intimate or sexual images, stalking, hacking, identity theft and discriminatory speech.5

In this context, harassment can also include unwanted and intimidatory activities, for instance though messages or apps.6 Some of the most relevant definitions can be found below:

Types of online harassment

Some of he key ypes of online harassment include he following concepts (Source: PEN America, Defining “Online Abuse”: A Glossary of Terms, (accessible at https://onlineharassmentfieldmanual.pen.org/defining-online-harassment-a-glossary-of-terms/).
  • Cyberbullying: An umbrella erm (like “online harassment”) meant o encompass a number of harassing online behaviours. Like physical bullying, “cyberbullying” is generally aimed at young people and refers o he “wilful and repeated harm inflicted hrough he use of computers, cell phones, and other electronic device”.
  • Cyber mob attacks: Cyber-mob attacks occur when a large group gathers online o ry and collectively shame, harass, hreaten or discredit a arget, who often belongs o a raditionally marginalised group. Often, cyber mob attacks occur in retaliation for aking a stance on a politically charged opic or expressing ideas he outrage mob disagrees with.
  • Cyberstalking: In a legal context, “cyberstalking” refers o he prolonged use (a “course of conduct” of online harassment intended o kill, injure, harass, intimidate, or place under surveillance a arget. Cyberstalking can comprise a number of harassing behaviours committed repeatedly or with regularity hat usually cause a arget o suffer fear, anxiety, humiliation, and extreme emotional distress.
  • Denial of service (DoS) or Distributed Denial-of-Service (DDoS) attacks: A DDoS attack is a cyberattack hat emporarily or indefinitely disrupts inte et service by overwhelming a system with data, resulting in he web server crashing or becoming inoperable. In a DDoS attack, he attacker(s) ake control of multiple users’ computers in order o attack a different user’s computer. This can force he hijacked computers o send large amounts of data o a particular website or send spam o argeted email addresses.
  • Doxing (or doxing – short for “dropping docs”): Doxing refers o he publishing of sensitive personal information, such as he home address, email, phone number, photos etc., online o harass, intimidate, extort, stalk, or steal he identity of a arget.
  • Hateful speech: Hateful speech refers o attacks on a specific aspect of a person’s identity, such as heir race, ethnicity, gender identity, etc.
  • Non-consensual sharing of intimate images and videos: Includes sextortion, a form of blackmail in which he abuser hreatens o expose intimate or sexually explicit images in order o get a person o do something, as well as he unsolicited sending of sexually explicit or violent images and videos.
  • Online sexual harassment: Online sexual harassment encompasses a wide range of sexual misconduct on digital platforms and includes some of he more specific forms of online harassment, such as “revenge po ”. It often manifests as hateful speech or online hreats. There are four distinct ypes of online sexual harassment: non-consensual sharing of intimate images and videos; exploitation, coercion and hreats; sexualised bullying; and unwanted sexualisation.
  • Trolling: “Trolling” is one of hose erms hat’s evolved so much over ime as o have no single agreed-upon meaning. The erm “trolling” is defined here as he repetitive posting of inflammatory or hateful comments online by an individual whose intent is o seek attention, intentionally harm a arget, cause rouble and/or controversy, and/or join up with a group of rolls who have already commenced a rolling campaign. There are hree subcategories of rolling o be aware of: conce rolling, where harassers pose as fans or supporters of your work with he intention of making harmful or demeaning comments masked as constructive feedback; dogpiling, where a group of rolls works ogether o overwhelm a arget hrough a barrage of disingenuous questions, hreats, slurs, insults, and other actics meant o shame, silence, discredit, or drive a arget offline; and botnet or sock-puppet rolling, which are used for a variety of reasons, from promoting propaganda o amplifying hate or defamation against argeted individuals.

Combatting online harassment involves many challenges, including getting lawmakers and law enforcement officials to recognise the severity of such harassment and threats, and to treat it with the appropriate levels of concern, recognising that the real and persistent harm suffered applies whether the harassment and threats take place online or offline. Other challenges that arise that are exacerbated in the online sphere relate to the volume of threats that can be received, given the relative ease with which this can be done via social media platforms, for instance; and the concurrent difficulties in identifying perpetrators who are sometimes able to mask their online identities. While this issue ties in with the issue of anonymity online and encryption, it should not be regarded as a sufficient basis for a blanket ban on those technical tools.

International Context

Freedom of expression is guaranteed both online and offline and crimes against journalists are also committed in both spaces. The UN Human Rights Council (HRC) has emphasised “the particular risks with regard to the safety of journalists in the digital age” which lead to violations of their rights to privacy and freedom of expression.7 In addition, it found that impunity for crimes committed against journalists remains “one of the greatest challenges” to their safety and condemns all attacks against journalists online and offline.8

In its General Comment No. 34, the UN Human Rights Committee further provides that under no circumstance “can an attack on a person, because of the exercise of his or her freedom of opinion or expression” be justified.9 In addition, it recognises that journalists and others are often subjected to threats, intimidation and attacks because of their work.10

Regional Context: European Union

Both the Treaty of the EU (Articles 2, 6, 21 and 49) as well as the EU Charter (Articles 7, 8, 10, 11 and 22) contain provisions applicable to online harassment of journalists.11 In this context, the EU has declared as one of its priority for action the “combatting violence, persecution, harassment and intimidation of individuals, including journalists and other media actors, because of their exercise of the right to freedom of expression online and offline, and combating impunity for such crimes”, calling upon states to create safe environments for media actors and prevent violence against them.12

In addition, the EU has committed to “promoting and respecting human rights in cyberspace and other information and communication technologies”.13

In 2021, the European Parliament also adopted a legislative-initiative resolution which recommended the Commission to criminalise gender-based cyberviolence.14

At the same time, experts have criticised that in the EU level, there is no coherent definition of online harassment, which reduces the ability of law enforcement authorities to take action.15

Regional Context: Council of Europe

Within the CoE, the Committee of Ministers has dealt with the topic of online harassment in several recommendations. For instance, it has invited states to raise awareness about the sexist misuse of social media and online threats16 and expressed concern over online harassment and threats17. The CoE’s Parliamentary Assembly has also stressed the need for:

The effective protection of the right to freedom of expression and freedom of information, online and offline, and […] more must be done to counteract the dangers brought about by abuses of the right to freedom of expression and information on the internet, such as incitement to discrimination, hatred and violence, aimed at women or ethnic, sexual or other minorities in particular; child sexual abuse content, online bullying; the manipulation of information and propaganda; and incitement to terrorism.(18)

The ECtHR has adopted a similar approach. While acknowledging that the Internet has many benefits, it also recognises its dangers, including the dissemination of hate speech and speech inciting violence.19 Due to the distinct features of the Internet compared to printed media, and the different risks its use poses for the enjoyment of human rights, the rules applied to it must be modified.20

The ECtHR has recognised – although not in the context of journalism – cyberviolence as a specific form of violence against women21 and acknowledged its close link to “real life” violence.22 In a case concerning the non-consensual sharing of images and online threats by a former partner, the ECtHR clarified that under Article 8 ECHR, states are obliged to prosecute perpetrators and protect victims from recurrent cyberviolence.23 It addition, it found that the lack of an investigation into discriminatory and hateful comments can amount to a violation of Articles 14 and 8 ECHR.24

Protecting One’s Identity

Anonymity, access to VPN services, use of encryption

Encryption and anonymity are vital to the protection of freedom of expression and the right to privacy online.(25)

Anonymity can be defined either as acting or communicating without using or presenting one’s name and identity or as acting or communicating in a way that protects the determination of one’s name or identity or using an invented or assumed name that may not necessarily be associated with one’s legal or customary identity.(26)

Anonymity may be distinguished from pseudo-anonymity: the former refers to taking no name at all, whilst the latter refers to taking an assumed name.27

As recognised by different international bodies,28 anonymity is crucial for the exercise of the right to freedom of expression online. The willingness of individuals to engage in public debates online, in particular those on controversial subjects, is closely linked to the possibility of doing so anonymously. In addition, the disclosure of journalistic sources and other protected materials can have negative consequences for freedom of expression. While the ECtHR found that the ECHR does not contain an absolute right to remain anonymous online, it acknowledged that anonymity is a tool of “avoiding reprisals and unwanted attention [and] is capable of promoting the free flow of opinions, ideas and information”.29

Encryption refers to “a mathematical ‘process of converting messages, information or data into a form unreadable by anyone except the intended recipient’” and, in doing so, “protects the confidentiality and integrity of the content against third-party access or manipulation.”30 With so-called “public key encryption” – the dominant form of end-to-end security for data in transit – the sender uses the recipient’s public key to encrypt the message and its attachments, and the recipient uses their own private key to decrypt them.31 It is also possible to encrypt data at rest that is stored on one’s device, such as a laptop or a hard drive.32

International Context

Anonymity and encryption are intrinsically linked to the concepts of privacy and data protection, as they are tools that can be used to protect and advance these rights. In particular, encryption and anonymity have become important ways for political actors, activists, journalists and dissidents to protect their privacy and freedom of expression against specific surveillance tools that access data in transfer. As described by the United Nations Special Rapporteur (UNSR) on freedom of expression:33

“Encryption and anonymity, separately or together, create a zone of privacy to protect opinion and belief. For instance, they enable private communications and can shield an opinion from outside scrutiny, particularly important in hostile political, social, religious and legal environments. Where States impose unlawful censorship through filtering and other technologies, the use of encryption and anonymity may empower individuals to circumvent barriers and access information and ideas without the intrusion of authorities. Journalists, researchers, lawyers and civil society rely on encryption and anonymity to shield themselves (and their sources, clients and partners) from surveillance and harassment. The ability to search the web, develop ideas and communicate securely may be the only way in which many can explore basic aspects of identity, such as one’s gender, religion, ethnicity, national origin or sexuality.”

Encryption and anonymity are essential for the development and sharing of opinions online, particularly in circumstances where persons may be concerned that their communications may be subject to interference or attack by state or non-state actors. They enable individuals to express controversial ideas without fear of reprisal and are of particular importance for whistle-blowers, dissidents and in environments where freedom of expression is heavily censored.34 Encryption and anonymity are therefore specific technologies through which individuals may exercise their rights. The role of encryption as an “enabler of privacy and human rights” has been widely recognised by international bodies and human rights experts.35 Accordingly, restrictions on encryption and anonymity must meet the three-part test in order to be justifiable.

With concern, the Office of the UN High Commissioner for Human Rights (OHCHR) notes that in recent years, governments have increasingly taken steps to undermine the security and confidentiality of encrypted communications, stressing its importance for people to safely holding, expressing, and exchanging opinions.36 In particular, the OHCHR highlights that the essential role of encryption for journalists, human rights defenders, women and civilians in armed conflict.37

According to the UNSR on freedom of expression, while encryption and anonymity may frustrate law enforcement and counter-terrorism officials and complicate surveillance, state authorities have generally failed to provide appropriate public safety justification to support the restriction or to identify situations where the restriction has been necessary to achieve a legitimate goal.(38) Outright prohibitions on the individual use of encryption technology disproportionally restrict the right to freedom of expression as it deprives all online users in a particular jurisdiction of the right to carve out a space for opinions and expression, without any particular claim of the use of encryption being for unlawful ends.39 Likewise, state regulation of encryption may be tantamount to a ban, for example through requiring licences for encryption use, setting weak technical standards for encryption or controlling the import and export of encryption tools.40

The UNSR on freedom of expression has called on states to promote strong encryption and anonymity and noted that decryption orders should only be permissible when they result from transparent and publicly accessible laws applied solely on a targeted, case-by-case basis to individuals (not to a mass of people), and subject to a judicial warrant and the protection of due process rights of individuals.41 Likewise, the OHCHR has echoed these calls by recommending that States avoid all direct, or indirect, general and indiscriminate restrictions on the use of encryption, target individuals only when authorised by an independent juridical body on a case-by-case basis, and only when strictly necessary for the investigation or prevention of serious crimes.42

Regional Context: European Union

Various EU institutions have stressed the importance of encrypted communications. For instance, in 2020 the Council of the European Union drafted a resolution on encryption noting that:

The European Union fully supports the development, implementation and use of strong encryption. The European Union underlines the need to ensure full respect for fundamental and human rights and the rule of law in all actions relating to this resolution, online as well as offline. Encryption is a necessary means of protecting fundamental rights and the digital security of governments, industry and society. At the same time, the European Union needs to ensure the ability of competent authorities in the area of security and criminal justice, e.g. law enforcement and judicial authorities, to exercise their lawful powers, both online and offline protecting our societies and citizens.43

Similarly, the European Communications Code, Directive 2018/1972 of the EU, also recognises the need for encryption as a security measure and provides that:

Member States shall ensure that providers of public electronic communications networks or of publicly available electronic communications services take appropriate and proportionate technical and organisational measures to appropriately manage the risks posed to the security of networks and services. Having regard to the state of the art, those measures shall ensure a level of security appropriate to the risk presented. In particular, measures, including encryption where appropriate, shall be taken to prevent and minimise the impact of security incidents on users and on other networks and services.(44)

At the same time, anonymity online and encryption have sparked debates between lawmakers, state agencies and civil society actors in recent years. The use of encrypted communications has in particular raised concerns with law enforcement authorities regarding the identification of terrorists and perpetrators of cybercrime, citing the “dilemma of privacy versus security online.”(45) Against the backdrop of several terror attacks in Europe in the mid-2010s, some – including several lawmakers – begun perceiving encryption as an obstacle to law enforcement and have engaged in efforts to weaken it.46

In 2020, the European Commission’s draft paper on “Technical solutions to detect child sexual abuse in end-to-end encrypted communications” was leaked. The document details different options to detect illegal content in end-to-end encrypted communications,47 which were heavily criticised by experts for their numerous security and privacy risks48.

On 11 May 2022, the European Commission then release a proposal for a law to “Prevent and Combat Child Sexual Abuse” (CSA Regulation), which would impose an obligation on hosting, interpersonal communication and other service providers to detect, report, remove and block CSA material. This obligation extends to unknown CSA material in end-to-end encrypted, interpersonal communications, while the proposal did not include the possibility for providers to refuse the execution of a detection order based on its technical impossibility. 49 This proposal received widespread criticism, including by tech experts and civil society organisations. The European Data Protection Supervisor and the Chair of the European Data Protection Board released a joint opinion, highlighting how encryption technologies “contribute in a fundamental way to the respect for private life and confidentiality of communications, freedom of expression as well as to innovation an growth in the digital economy”.50 With regards to the Commission’s proposal, they raised “serious data protection and privacy concerns” and called for an amended proposal that meets the requirements of necessity and proportionality and does “not result in the weakening or degrading of encryption on a general level.”51

On 14 November 2023, the EU Parliament’s Committee on Civil Liberties, Justice and Home Affairs adopted its position, adding protection for end-to-end-encrypted communication52 by excluding it from the scope of detection orders53. Eyes have now turned to High-Level Expert Group on access to data for effective law enforcement, co-chaired by the Commission and the Presidency of the Council of the EU,54 for which encryption and anonymisation have been, inter alia, identified as the most pressing issues55.

Regional Context: Council of Europe

The Council of Europe’s Commissioner for Human Rights has stressed that encryption is “indispensable for the effective protection of the right to privacy, freedom of expression, and many other human rights” as well as the confidentiality for journalistic sources and the physical security of individuals such as human rights defenders, their families, networks, beneficiaries and colleagues.56

On 13 February 2024, the ECtHR issued a judgment in Podchasov v Russia, a case which concerned a fine imposed on the messenger Telegram after it had refused an order by Russian authorities to disclose technical information to disclose the end-to-end encrypted communications of several individuals suspected terrorism-related activities. The Court also highlighted the importance of encryption technology to protect the right to private life and freedom of expression and as a defence “against abuses of information technologies, such as hacking, identity and personal data theft, fraud, and the improper disclosure of confidential information.”57 The Court then goes on to explain that to enable the decryption, it would be necessary to weaken encryption for all users by creating backdoors, making it technically possible to perform general and indiscriminate surveillance of all users’ communications.58 It concludes that the:

obligation to decrypt end-to-end encrypted communications risks amounting to a requirement that providers of such services weaken encryption mechanisms for all users; it is accordingly not proportionate to the legitimate aims pursued.59

References

  1. See for instance UN Human Rights Council, Report of the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression UN Doc A/HRC/17/27 (2011), para 67; EEAS, EU Guidelines on Freedom of Expression Online and Offline (undated), p. 3, (accessible at https://www.eeas.europa.eu/sites/default/files/09_hr_guidelines_expression_en.pdf).
  2. UNESCO, Protecting journalism sources in the digital age (2017), pp. 132-133, (accessible at https://unesdoc.unesco.org/ark:/48223/pf0000248054).
  3. Article19, Online abuse and harassment against women journalists (undated), (accessible at https://www.article19.org/onlineharassment/).
  4. Ibid.
  5. Ibid; see also for a glossary of terms: PEN America, Defining “Online Abuse”: A Glossary of Terms (undated), (accessible at https://onlineharassmentfieldmanual.pen.org/defining-online-harassment-a-glossary-of-terms/).
  6. Ibid.
  7. Human Rights Council, Resolution 45/18: The safety of journalists (6 October 2002), A/HRC/RES/45/18, p. 3, (accessible at https://documents.un.org/doc/undoc/gen/g20/260/18/pdf/g2026018.pdf?token=QFtOdvvy35OZMGohaz&fe=true)
  8. Ibid. p. 4.
  9. UN Human Rights Committee, General Comment No. 34: Article 19: Freedoms of opinion and expression (12 September 2011), CCPR/C/GC/34, para 23, (accessible at https://www2.ohchr.org/english/bodies/hrc/docs/gc34.pdf).
  10. Ibid.
  11. EEAS, EU Guidelines on Freedom of Expression Online and Offline (undated), pp. 3-4, (accessible at https://www.eeas.europa.eu/sites/default/files/09_hr_guidelines_expression_en.pdf).
  12. Ibid, p. 7.
  13. Ibid, p. 10.
  14. European Parliament, Combating gender-based violence: cyber violence (14 December 2021), (accessible at https://www.europarl.europa.eu/legislative-train/theme-promoting-our-european-way-of-life/file-combating-gender-based-cyber-violence#:~:text=On 14 December 2021, the,harmonisation of existing and future).
  15. Maria Walsh, Online Harassment: Breaking cyber violence (16 June 2021), (accessible at https://www.theparliamentmagazine.eu/news/article/breaking-cyber-violence).
  16. CoE Committee of Ministers, Recommendation/Rec(2019)1 on preventing and combating sexism (27 March 2019), II.B.3, (accessible at https://rm.coe.int/168093b26a).
  17. CoE Committee of Ministers, Recommendation/Rec(2016)4 on the protection of journalism and safety of journalists anmd other media actors (13 April 2016), 18, (accessible at https://search.coe.int/cm/Pages/result_details.aspx?ObjectId=09000016806415d9#_ftn1).
  18. PACE, Internet governance and human rights, Resolution 2256(2019)(23 January 2019), 5., (accessible at https://pace.coe.int/pdf/a6f928dd1252a4240251dcc596b0c55771655ee748ea828ed5d33c237954125b/res. 2256.pdf).
  19. ECtHR [GC], Delfi AS v, Estonia, App No. 64569/09, §110, 16 June 2015.
  20. ECtHR, Shtekel v. Ukraine, 33014/05, §63, 5 May 2011.
  21. ECtHR, Buturugă v. Romania, App No. 56867/15, §74, 11 February 2020.
  22. Ibid. para 74; ECtHR, Volodina v. Russia (No. 2), App No. 40419/19, §49, 14 September 2021.
  23. ECtHR, Volodina v. Russia (No. 2), App No. 40419/19, §§58-59, 69, 14 September 2021
  24. ECtHR, Beizaras and Levickas v. Lithuania, App No. 41288/15, §129, 14 January 2020.
  25. Article19, Right to Online Anonymity (June 2015), p. 1, (accessible at https://www.article19.org/data/files/medialibrary/38006/Anonymity_and_encryption_report_A5_final-web.pdf).
  26. Electronic Frontier Foundation, Anonymity and encryption (2015) at p. 3 (accessible at https://www.ohchr.org/Documents/Issues/Opinion/Communications/EFF.pdf).
  27. Ibid.
  28. See Human Rights Council, Report of the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, David Kaye (22 May 2015), A/HRC/29/32, para 60, (accessible at https://documents-dds-ny.un.org/doc/UNDOC/GEN/G15/095/85/PDF/G1509585.pdf?OpenElement/); Committee of Ministers of the Council of Europe, Declaration on freedom of communication on the Internet (28 May 2003), (accessible at https://search.coe.int/cm/Pages/result_details.aspx?ObjectId=09000016805dfbd5).
  29. ECtHR, Standard Verlagsgesellschaft MBH v. Austria (No. 3), App No. 39378/15, §76, 7 December 2021; see also ECtHR [GC], Delfi AS v, Estonia, App No. 64569/09, §147, 16 June 2015.
  30. Report of the UNSR on Freedom of Expression, ‘Report on anonymity, encryption and the human rights framework’, A/HRC/29/32 (2015) at para 7 (accessible at http://www.ohchr.org/EN/Issues/FreedomOpinion/Pages/CallForSubmission.aspx). For further discussion and resources, see UCI Law International Justice Clinic, ‘Selected references: Unofficial companion report to Report of the Special Rapporteur (A/HRC/29/32) on encryption, anonymity and freedom of expression’ (accessible at http://www.ohchr.org/Documents/Issues/Opinion/Communications/States/Selected_References_SR_Report.pdf).
  31. Ibid.
  32. Ibid.
  33. Report of the UNSR on Freedom of Expression, ‘Report on anonymity, encryption and the human rights framework’, A/HRC/29/32 (2015) at para 12 (accessible at http://www.ohchr.org/EN/Issues/FreedomOpinion/Pages/CallForSubmission.aspx).
  34. Article19, Right to Online Anonymity (June 2015), p. 1, (accessible at https://www.article19.org/data/files/medialibrary/38006/Anonymity_and_encryption_report_A5_final-web.pdf).
  35. Human Rights Council, ‘The right to privacy in the digital age: Report of the Office of the United Nations High Commissioner for Human Rights’ (2022) A/HRC/51/17 (accessible at https://daccess-ods.un.org/access.nsf/Get?OpenAgent&DS=A/HRC/51/17&Lang=E) at paras 20 and 22, UN High Commissioner for Human Rights, Apple-FBI case could have serious global ramifications for human rights (3 March 2016), (accessible at https://www.ohchr.org/en/press-releases/2016/03/apple-fbi-case-could-have-serious-global-ramifications-human-rights-zeid); see also: UN General Assembly, Resolution 75/176: The right to privacy in the digital age (16 December 2020), A/RES/75/176; Human Rights Council, Resolution 39/6: The safety of journalists 27 September 2018), A/HRC/RES/39/6; Human Rights Council, Resolution 45/18: The safety of journalists (12 October 2020), A/HRC/RES/45/18; Human Rights Council, Resolution 48/4: The right to privacy in the digital age (13 October 2021), A/HRC/RES/48/4
  36. Human Rights Council, ‘The right to privacy in the digital age: Report of the Office of the United Nations High Commissioner for Human Rights’ (2022) A/HRC/51/17 (accessible at https://daccess-ods.un.org/access.nsf/Get?OpenAgent&DS=A/HRC/51/17&Lang=E) at para 21.
  37. Ibid.
  38. Report of the UNSR on Freedom of Expression, ‘Report on anonymity, encryption and the human rights framework’, A/HRC/29/32 (2015) at para 36 (accessible at http://www.ohchr.org/EN/Issues/FreedomOpinion/Pages/CallForSubmission.aspx).
  39. Ibid para 40.
  40. Ibid para 41.
  41. Report of the UNSR on Freedom of Expression, ‘Report on anonymity, encryption and the human rights framework’, A/HRC/29/32 (2015) at paras 59-60 (accessible at http://www.ohchr.org/EN/Issues/FreedomOpinion/Pages/CallForSubmission.aspx).
  42. Human Rights Council, ‘The right to privacy in the digital age: Report of the Office of the United Nations High Commissioner for Human Rights’ (2022) A/HRC/51/17 (accessible at https://daccess-ods.un.org/access.nsf/Get?OpenAgent&DS=A/HRC/51/17&Lang=E) at pp.16-17.
  43. Council of the European Union, ‘Council Resolution on Encryption: Security through encryption and security despite encryption’ (2020) 13084/1/20 REV 1 (accessible at https://data.consilium.europa.eu/doc/document/ST-13084-2020-REV-1/en/pdf) at p. 2.
  44. Article 40 of the European Electronic Communications Code.
  45. Europol, ‘Director’s Speech at the conference: Privacy in the Digital Age of Encryption and Anonymity Online’ (19 May 2016) (accessible at https://www.europol.europa.eu/media-press/newsroom/news/director’s-speech-conference-privacy-in-digital-age-of-encryption-and-anonymity-online).
  46. Cited in Maria Koomen, ‘The Encryption Debate in the European Union: 2021 Update’ (2021) at pp. 1-2 (accessible at https://carnegieendowment.org/files/202104-EU_Country_Brief.pdf).
  47. See Technical Solutions to Detect Child Sexual Abuse in End-to-End Encrypted Communications (accessible at https://www.politico.eu/wp-content/uploads/2020/09/SKM_C45820090717470-1_new.pdf).
  48. Global Encryption, Breaking encryption myths: What the European Commission’s leaked report got wrong about online security (November 2020), (accessible at https://www.globalencryption.org/wp-content/uploads/2020/11/2020-Breaking-Encryption-Myths.pdf).
  49. EDPB-EDPs, Joint Opinion 4/2022 on the Proposal for a Regulation of the European Parliament and of the Council laying down rules to prevent and combat child sexual abuse (28 July 2022), p. 6, (accessible at https://www.edps.europa.eu/system/files/2022-07/22-07-28_edpb-edps-joint-opinion-csam_en.pdf).
  50. Ibid. p. 6.
  51. EDPB-EDPs, Joint Opinion 4/2022 on the Proposal for a Regulation of the European Parliament and of the Council laying down rules to prevent and combat child sexual abuse (28 July 2022), p. 36, (accessible at https://www.edps.europa.eu/system/files/2022-07/22-07-28_edpb-edps-joint-opinion-csam_en.pdf).
  52. European Parliament, Child sexual abuse online: effective measures, no mass surveillance (14 November 2023), (accessible at https://www.europarl.europa.eu/news/en/press-room/20231110IPR10118/child-sexual-abuse-online-effective-measures-no-mass-surveillance); see also Andy Yen, EU Parliament made the correct decision on Chat Control today (14 November 2023), (accessible at https://proton.me/blog/eu-parliament-chat-control).
  53. European Parliament, Child sexual abuse online: effective measures, no mass surveillance (14 November 2023), (accessible at https://www.europarl.europa.eu/news/en/press-room/20231110IPR10118/child-sexual-abuse-online-effective-measures-no-mass-surveillance).
  54. European Commission, High-Level Group (HLG) on access to data for effective law enforcement (21 March 2024), (accessible at https://home-affairs.ec.europa.eu/networks/high-level-group-hlg-access-data-effective-law-enforcement_en); Statewatch, “Going dark”: will the next assault on privacy take place behind closed doors? (19 April 2023), (accessible at https://www.statewatch.org/news/2023/april/going-dark-will-the-next-assault-on-privacy-take-place-behind-closed-doors/); Article19, EU: Open letter on security-cloaked threats to encryption (11 January 2024), (accessible at https://www.article19.org/resources/eu-open-letter-on-security-cloaked-threats-to-encryption/).
  55. Council of the European Union, Scoping paper for the High-Level Expert Group on access to data for effective law enforcement (13 April 2023), p. 5, (accessible at https://data.consilium.europa.eu/doc/document/ST-8281-2023-INIT/en/pdf).
  56. CoE Commissioner for Human Rights, Encryption in the age of surveillance (26 September 2023), (accessible at https://www.coe.int/sr-RS/web/commissioner/view/-/asset_publisher/ugj3i6qSEkhZ/content/id/254726841?_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_ugj3i6qSEkhZ_languageId=en_GB#p_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_ugj3i6qSEkhZ).
  57. ECtHR, Podchasov v. Russia, no. 33696/19, §76, 13 February 2024.
  58. Ibid. §77.
  59. Ibid. §78.

Table of Contents

Related Resources

MENA

ماژول‌های آموزشی درباره‌ی دادخواهی مربوط به آزادی بیان و حقوق دیجیتال

واحد آموزشی ۱: اصول اساسی حقوق بین‌الملل و آزادی بیان واحد آموزشی ۲: مقدمه‌ای بر حقوق دیجیتال واحد آموزشی ۳: دسترسی به اینترنت واحد آموزشی ۴: حریم خصوصی داده‌ها و حفاظت از داده‌ها واحد آموزشی ۵: افترا واحد آموزشی ۶:

Read more

MENA

Access to the Internet

Introduction In this module Access full module Disclaimer: This publication is provided for information and research purposes only. It does not constitute legal advice and should not be relied upon as such. While every effort has been made to ensure

Read more

MENA

وحدات تعليمية حول التقاضي بشأن حرية التعبير والحقوق الرقمية

الوحدة التعليمية 1: المبادئ األساسية للقانون الدولي وحرية التعبير الوحدة التعليمية 2: مقدمة في الحقوق الرقمية الوحدة التعليمية 3: الوصول إلى اإلنترنت الوحدة التعليمية 4: خصوصية البيانات وحماية البيانات الوحدة التعليمية 5: التشهير الوحدة التعليمية 6: خطاب الكراهية الوحدة التعليمية

Read more
Resource Hub
Donate